I have a rails 3 app running with following stack:
ubuntu lucid lynx, apache2, passenger hosted on Amazon EC2
When accessed over http, the pages load and the site has no problems at all.
Then i installed a valid SSL cert on the webserver. When i try to access the same url over https, and it looks like passenger is not being activated. instead, in the browser, the folder structure of the rails application is rendered.
What configuration changes or modifications do I need to make to Apache and/or Passenger so that the https URL returns the same thing as the corresponding http url?
You need something like this:
<VirtualHost *:80>
ServerName orders.xxx.com
DocumentRoot "/var/www/html/ps-main/current/public"
CustomLog /var/log/apache2/orders common
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://orders.xxx.com%{REQUEST_URI}
NameVirtualHost *:443
RailsEnv production
<Directory /var/www/html/ps-main>
AllowOverride all
Options -MultiViews
</Directory>
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
CustomLog /var/log/apache2/orders common
ServerAdmin webmaster#xxx.com.com
ServerName orders.xxx.com
SSLCertificateFile /etc/ssl/cert.crt
SSLCertificateKeyFile /etc/ssl/server.key
SSLCertificateChainFile /etc/ssl/intermediate.pem
# SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
DocumentRoot /var/www/html/ps-main/current/public
<Directory /var/www/html/ps-main/current/public>
Options -MultiViews
AllowOverride all
</Directory>
</VirtualHost>
This will redirect all http traffic to https. If that's not what you need, remove the redirects.
Related
I have a server which maintains multiple domains using VirtualHost and I'm trying to setup GitWeb according to Gitweb - ArchWiki.
According to the wiki, I have to append the lines below to an Apache config file.
Alias /gitweb "/usr/share/gitweb"
<Directory "/usr/share/gitweb">
DirectoryIndex gitweb.cgi
Options ExecCGI
Require all granted
<Files gitweb.cgi>
SetHandler cgi-script
</Files>
SetEnv GITWEB_CONFIG /etc/gitweb.conf
</Directory>
After this, Alias works and I can access the service by accessing one of
192.168.10.102/gitweb/ (local IP)
https://my_domain_1.com/gitweb/
https://my_domain_2.com/gitweb/
...
So far, everything's okay.
Now I'd like to limit the effect of the Alias to one domain: my_domain_1.com. So I moved the lines above inside its existing VirtualHost settings.
<VirtualHost *:80>
DocumentRoot "/var/www/html1"
ServerName my_domain_1.com
# The lines are pasted here.
RewriteEngine on
RewriteCond %{SERVER_NAME} =my_domain_1.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} END,NE,R=permanent]
</VirtualHost>
However, when I access https://my_domain_1.com/gitweb/, 404 error occurs. The error log says nothing and I have no .htaccess for the domain.
How can I make it work?
I found the solution.
Since I requested that all of http requests should be redirected to the https versions, I should have written the gitweb settings not in <VirtualHost *:80> (http) but in <VirtualHost *:443> (https). The result should be
<VirtualHost *:443>
DocumentRoot "/var/www/html1"
ServerName my_domain_1.com
# The lines are pasted here.
SSLCertificateFile /etc/letsencrypt/live/my_domain_1.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/my_domain_1.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
Now it works perfectly.
I'm have a an Apache HTTP server that has a reverse proxy to a tomcat server. However, I only want the reverse proxy to happen when the client uses the subdomain www. This is because I want to use other subdomains to point to other applications, such as email.
e.g. www.example.com will go display the apache tomcat webapp.
The way to do this, I presume, is to configure my DNS so that every subdomain I use will point to my server. Right now, in addition to www, that is server.example.com and posfixadmin.example.com. However, the issue is that all my subdomains end up pointing to tomcat.
So when I try to visit postfixadmin.example.com/setup.php to set up postfixadmin through its web setup, it ends up taking me to my tomcat webapp's 404.
Here is my virtualhost configuration:
<VirtualHost www.example.com:80>
ServerName http://www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost server.example.com:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost postfixadmin.example.com:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
EDIT
It looks like the proxy conf file doesn't do anything (??). I decided to experiment around and change the first virtualhost servername to the following:
<VirtualHost *:80>
ServerName abcd.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Then, I restarted and reloaded Apache...But for some reason, going to www.example.com STILL took me to the tomcat webapp! Does anyone know what drives this?
As to the DNS: I have set specific CNAME entries for each subdomain including www; all of them point back to the public IP of my server that houses my example.com domain (using # in my case - possible with most DNS, I think). There may be some different strategies on this, but I believe you're on the correct path based on what you've suggested in the question.
As to Apache configuration:
I believe that the http protocol does not need to be specified in the ServerName directive and that, generally, the domain need not appear inside the <VirtualHost>...</VirtualHost> tags.
I should mention that I am relatively unfamiliar with Tomcat but am assuming it is listening at 8080 on the localhost, in which case this should help.
I'm not 100% certain that that is all that is snarling you, but try trimming that ServerName back and doing like so, including the change to the VirtualHost open tag:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Your second <VirtualHost> probably requires similar changes, though it also seems that you are directing it to serve requests from the web/network which are coming in on port 8080 -- which I don't believe is your intent.
I think what you want is to also listen on port 80 from the web/network, but to follow these directives if addressed to server.example.com like so:
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
And finally, similar change to the opening <VirtualHost> tag on the final one:
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Altogether, this seems more like what you're looking for:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
I got it!
It turns out that the problem was in the ssl configuration file - the :443 ports were overlapping.
Thanks for the help!
I setup two virtual hosts for a subdomain in my apache config. One for SSL and one for non-SSL redirecting to SSL. This is it:
<VirtualHost *:80>
ServerName subdomain.domain.tld
Redirect permanent / https://subdomain.domain.tld/
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/var/www/subdomain"
ServerName subdomain.domain.de
<Directory "/var/www/subdomain">
AllowOverride All
allow from all
Options +Indexes
</Directory>
SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.tld/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.tld/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
Apparently I also use Let’s Encrypt.
DNS is setup as follows:
subdomain.domain.tld IN A <IP address of server>
Problem is, that any request to subdomain.domain.tld in my browser will ultimately redirect to https://www.subdomain.domain.tld.
The setup does not even cover any requests to www.
Why is it redirecting my request to www? This is what I want to avoid.
I found the issue.
It was not related to the apache config, instead it was the worpress instance hosted, that did a 301 redirect.
Sorry.
I'm running Apache 2.4 on Ubuntu 14.04 server. It's purpose is a mail server so it has postfix, dovecot and roundcube on it (amongst other things). I'm trying, and failing, to configure Apache to serve the pages that I want.
I have an SSL certificate installed and working correctly. I want to force all access over HTTPS so I have:
<VirtualHost *:80>
Redirect / https://mailserver.hni.ae/
</VirtualHost>
Both sets of files to be served are under /var/www/html, the first being /var/www/html/A and the other /var/www/html/B (let's say). I have configured my /etc/apache2/sites-available/000-default.conf (which has a symlink to ./sites-enabled) to be:
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/ssl/private/mycert.crt
SSLCertificateKeyFile /etc/ssl/private/mycert.key
ServerAdmin webmaster#mydomain.com
ServerName www.mydomain.com
DocumentRoot /var/www/html/
DirectoryIndex index.php
<Directory /var/www/html/A>
Options FollowSymLinks
AllowOverride None
Order Allow,Deny
Allow from all
</Directory>
<Directory /var/www/html/B>
Options FollowSymLinks
AllowOverride None
Order Deny,Allow
Deny from All
Allow from 192.168.1.1
</Directory>
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
And that works. I can go to www.mydomain.com/B and it serves the login page for those pages (only when I access from the specified IP address), and www.mydomain.com/A and login to the pages from app A.
My problem: I want to be able to go to www.mydomain.com/C and just plain www.mydomain.com and be redirected to www.mydomain.com/A but when I use Redirect ... the server gets into a loop and tries to serve www.mydomain.com/AAAAAAA.... I suspect I should use the RedirectMatch temp ^/$... directive but can't get that to work either. Maybe something to do with the Redirect for :80 to :443 clashing? There is no .htaccess involved as I'm using AllowOverride None.
I've read the Apache 2.4 documentation thoroughly but just can't figure it out. Any suggestions?
You can use a RewriteRule. Add this to your VirtualHost:
RewriteEngine On
RewriteRule ^/(C/?|)$ /A [R,L]
Make sure mod_rewrite is enabled too.
Explanation:
Regex ^/(C/?|)$ will match /C optionally followed by a /, or just / i.e. the root of www.mydomain.com
I have a domain www.example.com hosted in one location.
I have created another account with a different hosting provider that allows me to create subdomains: www.test1.example.com and www.test2.example.com
I am putting a custom page for each of the subdomains when the user goes to test1.example.com, test2.example.com....
After the user logs in on this custom page, I want to maintain the subdomain (of test1.example.com) but internally have all requests point to www.example.com.
I am running the custom pages on Apache and the domain pages on Apache Tomcat - I think that using 'mod_rewrite' is the way to go?
Put the following in a .htaccess file in your subdomain's document root:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^test1\.example\.com$
RewriteRule ^/(.*) http://example.com/$1 [redirect,last]
To enable mod_rewrite on a modern Ubuntu web server run this command:
sudo ln -s /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled/rewrite.load
Make sure AllowOverride is set to "All" in your VirtualHost configuration (for example /etc/apache2/sites-available/default):
<Directory /var/www/document/root/>
AllowOverride All
</Directory>
then restart Apache:
sudo /etc/init.d/apache2 restart
So, basically the answer I found that worked was to use mod_proxy. I enabled that as an Apache module and included the following in my httpd-vhosts.conf file.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName test1.example.com
DocumentRoot "location_of_the_custom_page"
ErrorLog "logs\errors.log"
<directory "D:\wamp\www\capitalfloat">
Options Indexes FollowSymLinks
AllowOverride all
Order Deny,Allow
Deny from all
Allow from all
</directory>
</VirtualHost>
<VirtualHost *:80>
ServerName localhost2
ServerAlias *.example.com
ErrorLog "logs\errors.log"
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://www.example.com
ProxyPassReverse / http://www.example.com
</VirtualHost>
I also had to include 'http://www.example.com' and 'test1.example.com' in the Windows Host File (For me, C:\Windows\System32\drivers\etc\hosts). In my custom login page, the request goes to 'example.com' and all subsequent requests are sent to 'www.example.com' but the url still shows 'test1.example.com/...'